David Bennett, DISA's CIO, is examining how accepting DoD agencies are of using commercial cloud providers for sensitive information. (DISA)
Amazon Web Services on Aug. 21 announced that it has achieved approval under the Defense Department’s cloud security model to operate commercial cloud services for the department’s sensitive, higher-security data management.
The provision authorization grants AWS the opportunity to provide cloud services at impact levels 3 through 5 under DoD’s security model, a stricter version of criteria than the baseline requirements under the Federal Risk and Authorization Management Program, or FedRAMP. Levels 3 through 5 deal with sensitive, for-official-use-only, unclassified data and applications. AWS is one of four providers already authorized for levels 1 and 2.
AWS’ announcement comes as officials at DoD are preparing to launch five pilot programs aimed at demonstrating the use of commercial cloud services for the higher-sensitivity requirements of impact levels 3 through 5. Officials have said the initial criteria that prospective cloud providers must meet may be too stringent, and their hope is that the cloud pilots will help them reevaluate their benchmarks.
Read the full story at C4ISRNet.com .